[CRIU] [PATCH 2/2] net: Add ip rule save/restore
Kirill Tkhai
ktkhai at odin.com
Fri Oct 23 09:25:54 PDT 2015
On 23.10.2015 19:20, Pavel Emelyanov wrote:
> On 10/23/2015 07:18 PM, Kirill Tkhai wrote:
>>
>>
>> On 23.10.2015 19:13, Pavel Emelyanov wrote:
>>>> @@ -588,6 +588,24 @@ static inline int dump_route(struct cr_imgset *fds)
>>>> return 0;
>>>> }
>>>>
>>>> +static inline int dump_rule(struct cr_imgset *fds)
>>>> +{
>>>> + struct cr_img *img = img_from_set(fds, CR_FD_RULE);
>>>> + char *path = strdup(img->path);
>>>
>>> Variables initialization with anything but constants is not welcome.
>>
>> Should I use "img_from_set(fds, CR_FD_RULE)" twice in this function?
>
> No.
>
> struct cr_img *img;
>
> img = img_from_set(fds, CR_FD_RULE);
>
>>>> + if (!path)
>>>> + return -1;
>>>> +
>>>> + if (run_ip_tool("rule", "save", NULL, -1, img_raw_fd(img))) {
>>>> + pr_err("Check if \"ip rule save\" is supported!\n");
>>>> + unlinkat(get_service_fd(IMG_FD_OFF), path, 0);
>>>> + }
>>>> +
>>>> + free(path);
>>>> +
>>>> + return 0;
>>>> +}
>>>> +
>>>> static inline int dump_iptables(struct cr_imgset *fds)
>>>> {
>>>> struct cr_img *img = img_from_set(fds, CR_FD_IPTABLES);
>>>> @@ -657,6 +675,24 @@ static inline int restore_route(int pid)
>>>> return 0;
>>>> }
>>>>
>>>> +static inline int restore_rule(int pid)
>>>> +{
>>>> + if (test_image(CR_FD_RULE, pid)) {
>>>
>>> There's no need in test_image(), just call open_image() and
>>> check for empty_image() on result.
>>
>> I want to delete default rules only if dump exists. It's not good
>> to clear all rules if we won't populate them again.
>
> img = open_image(CR_FD_RULE, pid);
> if (empty_image(img))
> return 0;
>
> run_ip_tool("rule", "delete", ...);
> run_ip_tool("rule", "delete", ...);
> run_ip_tool("rule", "delete", ...);
>
> ret = run_ip_tool(...);
> close_image();
> return ret;
I tried to do the same, except did close_image()
before run_ip_tool(), but the second open does
not work after close_image().
Ok, if the construction, you suggested works, I'll resend.
>>>> + /*
>>>> + * Delete 3 default rules to prevent duplicates. See kernel's
>>>> + * function fib_default_rules_init() for the details.
>>>> + */
>>>> + run_ip_tool("rule", "delete", NULL, -1, -1);
>>>> + run_ip_tool("rule", "delete", NULL, -1, -1);
>>>> + run_ip_tool("rule", "delete", NULL, -1, -1);
>>>> +
>>>> + if (restore_ip_dump(CR_FD_RULE, pid, "rule"))
>>>> + return -1;
>>>> + }
>>>> +
>>>> + return 0;
>>>> +}
>>>> +
>>>> static inline int restore_iptables(int pid)
>>>> {
>>>> int ret = -1;
>>>
>> .
>>
>
More information about the CRIU
mailing list